<?php
/**
 * Short description for file
 *
 * Long description for file (if any)...
 *
 * LICENSE: LGPL
 *
 * @category   Sabai
 * @package    Sabai_User
 * @subpackage Authenticator
 * @copyright  Copyright (c) 2006 myWeb Japan (http://www.myweb.ne.jp/)
 * @license    http://opensource.org/licenses/lgpl-license.php GNU LGPL
 * @version    CVS: $Id: BasicHTTP.php 168 2008-03-11 19:13:33Z mikhail.miguel $
 * @link
 * @since      File available since Release 0.1.1
*/

/**
 * Sabai_User_Authenticator
 */
require_once 'Sabai/User/Authenticator.php';

/**
 * Authenticates BasicHTTP users
 *
 * Authenticates BasicHTTP users
 *
 * @category   Sabai
 * @package    Sabai_User
 * @subpackage Authenticator
 * @copyright  Copyright (c) 2006 myWeb Japan (http://www.myweb.ne.jp/)
 * @author     Kazumi Ono <onokazu@gmail.com>
 * @license    http://opensource.org/licenses/lgpl-license.php GNU LGPL
 * @version    CVS: $Id: BasicHTTP.php 168 2008-03-11 19:13:33Z mikhail.miguel $
 * @link
 * @since      Class available since Release 0.1.1
 */
class Sabai_User_Authenticator_BasicHTTP extends Sabai_User_Authenticator
{
    /**
     * @access protected
     * @var string
     */
    var $_username;
    /**
     * @access protected
     * @var string
     */
    var $_password;
    /**
     * @access protected
     * @var string
     */
    var $_errorMsg;
    /**
     * @access protected
     * @var string
     */
    var $_realmName;

    /**
     * Constructor
     *
     * @param string $username
     * @param string $password
     * @param string $errorMsg
     * @param string $realmName
     * @return Sabai_User_Authenticator_BasicHTTP
     */
    function Sabai_User_Authenticator_BasicHTTP($username, $password, $errorMsg = '<h1>Unauthorized</h1>', $realmName = 'Realm')
    {
        $this->_username = $username;
        $this->_password = $password;
        $this->_errorMsg = $errorMsg;
        $this->_realmName = $realmName;
    }

    /**
     * Authenticates a user
     *
     * @access protected
     * @param Sabai_Request $request
     * @return Sabai_User_Authenticated on success, false on failure
     */
    function &_doAuthenticate(&$request)
    {
        if (!isset($_SESSION['Sabai_User_Authenticator_BasicHTTP']['realm']) || !isset($_SERVER['PHP_AUTH_USER'])) {
            static $seeded = false;
            if (!$seeded) {
                srand((double)microtime() * 100000);
                $seeded = true;
            }
            $_SESSION['Sabai_User_Authenticator_BasicHTTP']['realm'] = $realm = md5(uniqid(rand(), true));
            header(sprintf('WWW-Authenticate: Basic realm="%s (%s)"', $this->_realmName, $realm));
            header('HTTP/1.0 401 Unauthorized');
            echo $this->_errorMsg;
            exit;
        } elseif ($_SERVER['PHP_AUTH_USER'] != $this->_username || $_SERVER['PHP_AUTH_PW'] != $this->_password) {
            header('HTTP/1.0 401 Unauthorized');
            echo $this->_errorMsg;
            exit;
        }
        $identity =& new Sabai_User_Identity($this->_username);
        $identity->setName($shis->_username);
        $user =& new Sabai_User($identity);
        return $user;
    }

    function _doDeauthenticate(&$user)
    {
        unset($_SESSION['Sabai_User_Authenticator_BasicHTTP']['realm']);
    }
}